Univention Bugzilla – Bug 48129
02_certificate_check check for certificate exported by apache (ucs-root-ca.crt) is unhelpful
Last modified: 2021-05-14 16:38:03 CEST
02_certificate_check check for certificate exported by apache (ucs-root-ca.crt) is unhelpful If the certificate exported by the apache server (/var/www/ucs-root-ca.crt) can not be verified, only the temporary filename for the downloaded certificate is shown. The temporary file is deleted after the test. Without knowing the source of the check it is not possible to know which certificate has a problem.
This message is more confuding then helpful for the customer: Kritisch: Überprüfe Gültigkeit der SSl Zertifikate Abgelaufenes Zertifikat '/tmp/tmplF7qjY' gefunden. Ungültiges Zertifikat '/tmp/tmplF7qjY' gefunden: error /tmp/tmplF7qjY: verification failed
Which certificates / files are checked in this test? If it is only the ucs-root.ca.crt it would be sufficient to have a better message. If we actually check different certificate files we need more information in the message.
This makes troubleshooting difficult as we do not know which certificate is wrong or expired (well, not without knowing this bug).
This issue has been filed against UCS 4.3. UCS 4.3 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.